1.6 System Security Flashcards

1
Q

Define malware

A

MALicious softWARE written to infect computers and commit crimes such as fraud and identity theft.

2
Q

Define virus

A

Malware designed to cause harm to a network or computer.

Most have a human element to them.

Attaches itself to programs or files on a computer or server.

Almost all are attached to an executable file, so the virus may exist on a system but won’t be active or able to spread until a user runs or opens the malicious host file or program.

Often spread through files, programs, emails, messages or games that you download.

3
Q

Define worms

A

Replicates itself to spread to other computers often using a computer network and fills up the RAM.

To achieve this, the worm exploits vulnerabilities across the computer network.

Unlike a virus, it doesn’t need to attach to a program.

4
Q

Define trojan horse

A

Harmful piece of software that looks legitimate.

Users are typically tricked into loading and executing it on their systems.

After it’s activated, it can achieve any number of attacks on the host.

Create back doors to give malicious users access to the system.

Trojans must spread through user interaction such as opening an e-mail attachment or downloading and running a file from the internet.

5
Q

Define network policies

A

How a system can be secured through specific rules or requirements.

6
Q

Define firewalls

A

Software that acts as a “barrier” between a potential attacker and the computer system.

Can be held on a server, or a standalone computer.

Many have this feature as part of an anti-virus package.

Not 100% effective – an attacker could exploit a vulnerability.

Monitors applications and network usage.

Can block access from certain computer users and disable processes which may be perceived as a threat.

7
Q

Define penetration testing

A

Tests performed under a controlled environment by a qualified person.

Checks for current vulnerabilities and explores potential ones in order to expose weaknesses in the system so they can’t be maliciously exploited.

May use tools to help them in their duties.

8
Q

What are the effects of malware?

A

1) Computer may crash, reboot spontaneously or slow down without any logical explanation.
2) When a worm infects a computer, the internet connection may become slow as the worm searches online for other computers to infect.
3) Files may be deleted, become corrupt or encrypted.
4) Hackers record the keys typed on the computer so they know passwords.

9
Q

How can you prevent malware?

A

1) Strong security software (firewall, spam filter, anti-virus, anti-spyware, anti-spam).
2) Enable OS updates.
3) Staff training: caution opening attachments.
4) Back up files regularly.

10
Q

Define social engineering

A

Relies on human interaction (social skills).

Commonly involves tricking users into breaking normal security procedures.

The method doesn’t revolve around technical cracking techniques such as worms or viruses.

11
Q

Define phishing

A

Form of social engineering.

Designed to acquire sensitive information such as: usernames, passwords, card details etc.

Most common phishing attacks are sent through email.

12
Q

What are the effects of phishing?

A

1) Accessing a victim’s account to withdraw money or purchase merchandise or services.
2) Opening new bank or credit-card accounts in a victim’s name, and using the new account to cash illegitimate checks or purchase merchandise.
3) Gaining access to high-value corporate data.
4) Financial services can blacklist institutions, resulting in reputational damage.

13
Q

How can you prevent phishing?

A

1) Strong security software (firewall, spam filter, anti-virus, anti-spam).
2) Staff training: awareness of spotting fake websites and emails.
3) Staff training: never disclose personal or financial information.
4) Staff training: disable pop-ups.

14
Q

Define brute force attack

A

Trial and error method used by programs to decode encrypted data such as: passwords or Data Encryption Standard (DES) keys, through exhaustive effort rather than employing intellectual strategies.

15
Q

What are the effects of brute force attack?

A

1) Theft of data.

2) Access to corporate systems.

16
Q

How can you prevent brute force attacks?

A

1) Network lockout policy: locks out after number of tries expires.
2) Effective software: progressive delays.
3) Staff training: using effective passwords that contain symbols and numbers.
4) Challenge response tests e.g. reCAPTCHA.

17
Q

Define denial of service attack

A

Flooding a server with useless traffic, causing it to become overloaded and preventing it from responding to legitimate client-server requests from users.

18
Q

What are the effects of denial of service attack?

A

1) Revenue losses: downtime affects profits.
2) Productivity Loss.
3) Reputation Damage.

19
Q

How can you prevent denial of service attacks?

A

1) Strong security software (firewall).
2) Packet filters on routers.
3) Configuration of the web server.
4) Good network policy: audits, logs, monitoring.

20
Q

Define data interception and theft

A

An attacker monitors data streams to/from a target, in order to gather sensitive information.

21
Q

What are the effects of data interception and theft?

A

1) Discovering username and password credentials.
2) Gaining access to systems.
3) Disclosure of corporate data.
4) Theft of data.

22
Q

How can you prevent data interception and theft?

A

1) Strong encryption.
2) Using virtual networks.
3) Staff training: use of passwords, locking and portable storage devices.
4) Network forensics.

23
Q

Define SQL injection

A

A code injection technique, used to attack data-driven applications.

24
Q

What are the effects of SQL injection?

A

1) Contents of the database can be output, revealing data that otherwise would be hidden.
2) Data in the database can be amended and deleted.
3) New rogue records can be added.

25
Q

How can you prevent SQL injection?

A

1) Validation of input fields.
2) Using parameterised queries.
3) Using database permissions.
4) Penetration testing.

26
Q

There are few/many ways in which networks can be attacked

A

many

27
Q

True/False: Networks can be attacked by targeting the people who use them

A

True

28
Q

What does social engineering involve?

A

Tricking people into divulging secret information such as passwords and login information

29
Q

Give an example of private information that can be given when tricking people as a result of social engineering

A

Anything such as passwords, login information, etc

30
Q

What does phishing involve?

A

Emailing someone claiming or appearing to be from a bank, building society or e-commerce site, asking for details of passwords or credit cards

31
Q

What does shouldering involve?

A

Finding passwords and PINs by watching people enter them. This could happen in a busy office or at a distance using binoculars or recording equipment

32
Q

All organisations should have an __________ use policy

A

acceptable

33
Q

What must users do when there is an acceptable use policy in place?

A

Read it, sign it and abide by it

34
Q

List things that should be included in an acceptable use policy

A

Any from users must not use their own devices on the network, users must not download files from the internet, etc

35
Q

Why should users on a network not use their own devices such as USB flash drives?

A

These pose a threat as malware can be introduced to the network and data can be removed and stolen

36
Q

Why should users connected to a network not download files from the internet?

A

They could be infected with malware

37
Q

____ passwords are a major security risk

A

Weak

38
Q

What is a weak password?

A

A password that can be easily and quickly guessed by humans and computers

39
Q

Hackers often use _____-_____ techniques to try different combinations of letters, numbers and symbols to get in to a system

A

brute force

40
Q

Brute-force software tries…to get in to a system

A

every single combination of letters, numbers and symbols until it finds the correct combination

41
Q

A long password with a combination of what will take longer to guess?

A

Letters, numbers and symbols

42
Q

Passwords should be changed _________

A

regularly

43
Q

True/False: You should reuse old passwords

A

False, old passwords should never be reused

44
Q

Why should dates of birth and relatives’ names never be used in passwords?

A

Hackers can find them out

45
Q

Many forms of attack target users by getting them to install _______ (harmful software) on their computers

A

malware

46
Q

What is malware?

A

Software that has been designed to gain unauthorised access to a computer system in order to disrupt its functioning, or collect information

47
Q

Malware is software that has been designed to gain unauthorised access to a computer system in order to…

A

disrupt its functioning, or collect information

48
Q

Malware is software that has been designed to gain what to a computer system?

A

Unauthorised access

49
Q

What is a virus?

A

A computer program hidden inside another program which can delete or corrupt data on an infected computer

50
Q

A virus can _________ itself and insert itself into other programs or files that can then be passed on

A

replicate

51
Q

Viruses can delete or _______ data held on an infected computer

A

corrupt

52
Q

A worm needs/does not need another program to carry it

A

does not need

53
Q

A worm can replicate and send itself in emails that are then sent to everyone in a user’s…

A

address book

54
Q

What do worms consume? (Computer Science)

A

Computer resources as they are reproducing

55
Q

Why do worms consume computer resources as they are reproducing?

A

To allow criminals to gain access to an infected computer and take it over

56
Q

Trojans are installed by _____

A

users

57
Q

When do users install trojans?

A

When they think they are installing legitimate software

58
Q

What can trojans do?

A

Delete files, change the desktop layout and send screenshots and key presses to a hacker’s computer

59
Q

Spyware often comes packaged with what?

A

Other software

60
Q

Users do/do not know that they are installing spyware

A

do not

61
Q

What does spyware do?

A

Spies on the user like a trojan by sending information to a criminal

62
Q

To prevent infection, you can install _________ software and ensure that it is constantly updated

A

antivirus

63
Q

To prevent infection, you can ensure that _________ software can scan emails

A

antivirus

64
Q

To prevent infection, you can install anti-spyware protection software that…

A

removes or blocks spyware

65
Q

To prevent infection, you can avoid opening emails and attachments from…

A

unknown sources

66
Q

To prevent infection, you can install a ________ to ensure that software is not downloaded without your knowledge

A

firewall

67
Q

True/False: To prevent infection, you can ensure that an operating system is up to date

A

True

68
Q

To prevent infection, you can install the latest ________ updates

A

security

69
Q

Many attacks on networks use methods that bypass the users and target…

A

the network operating system and security

70
Q

What are brute-force attacks?

A

Attacks where automated software tries millions of different password combinations to get in to a system

71
Q

Brute-force attacks are general attacks that need little/lots of special knowledge and techniques

A

Little

72
Q

In a brute-force attack, automated software is used to try…

A

millions of different passwords

73
Q

Success in a brute-force attack is based on…

A

computing power rather than any specialist techniques

74
Q

What does data interception and theft involve?

A

The use of packet sniffers to intercept data packets on a network, which are then analysed

75
Q

What do packet sniffers do?

A

Intercept data packets on a network and analyse them

76
Q

What can be obtained during data interception and theft?

A

Sensitive data such as login names, passwords and credit card numbers

77
Q

What does DoS stand for?

A

Denial of Service

78
Q

What are denial of service attacks?

A

An overload on a network or website by flooding it with network communications such as login requests

79
Q

What does DDoS stand for?

A

Distributed denial of service

80
Q

Malware can be used to take control of lots of computers (zombies) that will all send information and login requests at the same time. This is called…

A

A distributed denial of service (DDoS) attack

81
Q

True/False: DoS attacks may be used to extort money or they may be organised by rival organisations

A

True

82
Q

Why are DoS attacks often used by hacktivists?

A

To punish organisations they think are unethical

83
Q

SQL injection exploits…

A

personal and financial data held on websites stored in huge databases

84
Q

Give an example of a site that stores personal and financial data in huge databases, which can be exploited by SQL injection

A

Any from social networking sites, banks, online commerce sites, etc

85
Q

SQL stands for…

A

Structured Query Language

86
Q

SQL is used to __________ data

A

manipulate

87
Q

Give an example of how SQL is used to manipulate data

A

Any from to create new records, search for information, check login names and passwords, etc

88
Q

Why would criminals want to create commands entered in login fields to bypass security?

A

To gain access to records and steal valuable data such as names, addresses and bank details

89
Q

Although a brute-force attack may be able to gain access to an account eventually, these attacks can take…

A

several hours, days, months and even years to run

90
Q

What does the time to complete a brute-force attack depend on?

A

The password and the power of the computer(s) used to conduct the attack

91
Q

Why are brute-force attacks called brute-force attacks?

A

No specialist techniques are used. Raw computing power is used to try millions of combinations

92
Q

All networks must be protected against unauthorised access by…

A

identifying risks and applying measures to prevent them

93
Q

Penetration testing is used to…

A

test a computer system or network in order to find vulnerabilities that an attacker could exploit

94
Q

In penetration testing, testers take the role of hackers and…

A

try to gain unauthorised access

95
Q

Penetration testing assesses…

A

the security awareness of users and demonstrates the effectiveness of network security policies

96
Q

What are network forensics?

A

The monitoring, recording and analysis of network events

97
Q

Give 2 examples of events that can be monitored with network forensics

A

Any 2 from who has logged in, how many unsuccessful attempts have been made, what users have done and what has been deleted

98
Q

Network forensics can identify…

A

unusual network activity

99
Q

Network forensics analysis can be used as legal evidence if…

A

illegal activity is detected

100
Q

Passwords should/shouldn’t be strong

A

should

101
Q

A strong password should include…

A

at least eight characters and include non-alphanumeric characters

102
Q

Passwords should/shouldn’t be changed regularly

A

should

103
Q

Passwords should never be written down or…

A

shared

104
Q

Old passwords should never be…

A

reused

105
Q

User access levels are used to set…

A

which files and folders users are allowed to access and at what level

106
Q

User access levels set which files and folders users are allowed to…

A

see, browse, edit or delete

107
Q

What are network policies?

A

Rules that set out what users can and cannot do on a network

108
Q

Give an example of something that may be in a network policy

A

Any from must not use removable storage devices, install their own software, download files from internet sites, etc

109
Q

Users of a network should/shouldn’t use removable storage devices

A

shouldn’t

110
Q

Users of a network should/shouldn’t install their own software and download files from internet sites

A

shouldn’t

111
Q

Network policies should set out when backups will be made and where…

A

they will be kept

112
Q

What policies should have rules which set out what should be done if there is a problem or breach of security?

A

Network policies

113
Q

Workers on a network who use removable media must…

A

abide by policies put in place to safeguard the business network

114
Q

State two types of removable media that workers might use on their journey to and from work

A

Any 2 from smartphone, mp3 player and camera

115
Q

State two reasons why the use of removable media on a network at work might be restricted

A

Malware could be introduced to the network and data could be copied or stolen

116
Q

System measures can also be taken to…

A

protect networks from threats

117
Q

Anti-malware software is designed to…

A

detect and remove malware

118
Q

Give an example of anti-malware software

A

Any from antivirus, spyware removal software, etc

119
Q

Anti-malware software should be constantly…

A

updated to tackle new threats

120
Q

Operating systems should be kept up to date as…

A

new security features are introduced

121
Q

What is encryption?

A

The conversion of data into a form that cannot be understood unless a user knows how to convert it back again

122
Q

The processes of converting data into a form that cannot be understood and converting it back again are called…

A

Encryption and decryption

123
Q

A common method of encryption and decryption is using a…

A

‘public’ and ‘private’ key

124
Q

How is a ‘public’ key used in encryption?

A

A user would encrypt a message to send using the recipient’s public key that is available to all

125
Q

How is a ‘private’ key used in encryption?

A

Only the recipient’s private key is able to decrypt the message sent using the public key

126
Q

What does a firewall do?

A

Protects a network connected to a WAN such as the internet

127
Q

Firewalls can be provided by…

A

hardware or software

128
Q

Firewalls can be configured to prevent ______________ from entering a network

A

communications

129
Q

Firewalls can prevent what/who from accessing the internet from within a network?

A

Programs and users